fragattacks/ADVISORIES.md

# Security Advisories / Bulletins linked to FragAttacks

Pull requests with additional links are welcome! Or create an issue on GitHub to request a link to be added.

## A

- [Arista](https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63)
- [Arris](https://arris.secure.force.com/consumers/articles/General_FAQs/FragAttack-Vulnerability)
- [Aruba](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-011.txt)
- [Avm.de](https://en.avm.de/service/current-security-notifications/): Look for "FragAttacks" Wi-Fi vulnerability
- [Asuswrt-Merlin](https://www.asuswrt-merlin.net/changelog): FragAttacks got patched in [`386.2_6 (6-June-2021)`](https://twitter.com/RMerlinDev/status/1401598180811227137).
- [Arlo](https://kb.arlo.com/000062602/Security-Advisory-for-Aggregation-and-Fragmentation-Attacks-Against-Wi-Fi)

## C

- [Check Point](https://supportcontent.checkpoint.com/solutions?id=sk173718)
- [Cisco](https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-wifi-faf-22epcEWu.html)
- COMMSCOPE/Ruckus: [Overview](https://support.ruckuswireless.com/fragattacks-ruckus-technical-support-response-center), [Link 2](https://www.commscope.com/fragattacks-commscope-ruckus-resource-center/wifi-fragattacks-what-you-need-to-know/), [Link 3](https://www.commscope.com/globalassets/digizuite/916169-faq-security-advisory-id-20210511-v1-0.pdf). Their claim that [EAP-TLS](https://www.fragattacks.com/#eaptls) or [802.11w](https://www.fragattacks.com/#mfp) makes attacks harder is **[incorrect](https://www.mathyvanhoef.com/2021/05/fragattacks-clarifying-some-aspects.html)**.
- [Cypress](https://community.cypress.com/t5/Security-Bulletin/Potential-Fragmentation-Vulnerabilities-for-Wi-Fi-Devices/ba-p/276441)
- [Cambium Networks](https://www.cambiumnetworks.com/wp-content/uploads/2021/05/2021-1-FragAttacks-05142021.pdf)

## D

- [Dell](https://www.dell.com/support/kbdoc/en-th/000186331/dsa-2021-100-dell-client-platform-security-update-for-intel-wifi-software-vulnerabilitiesdsa-2021-100-dell-client-platform-security-update-for-intel-wifi-software-vulnerabilities)
- [DD-WRT](): Patches are included in revision r46690. Builds are available depending on the hardware: [Marvell MVEBU](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329127), [Atheros WiSOC](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329125), [Broadcom SoC](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329092&postdays=0&postorder=asc&start=0), [x86 based](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329129), [Ralink SoC](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329128&sid=80c14f34bd3a9f1e48e1ea3002c4d5f1). 

## E

- [Eero](https://blog.eero.com/fragattacks-fragmentation-aggregation-and-attacks-update-available-for-all-eero-customers/)
- [Extreme Networks](https://extremeportal.force.com/ExtrArticleDetail?an=000095779)
- [Espressif](https://github.com/espressif/esp-idf/issues/7019)

## F

- [Fortinet](https://www.fortiguard.com/psirt/FG-IR-21-071)

## H

- [Huawei](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20210513-01-fragattacks-en)

## I

- [Intel](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html)

## J

- [Juniper](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST)

## K

- [Keenetic](https://help.keenetic.com/hc/en-us/articles/360021967180-Release-KeeneticOS-3-6-6)

## L

- [Lancom](https://www.lancom-systems.com/service-support/instant-help/general-security-information/): look for WLAN vulnerability "Fragattacks" - They provide patches .
- [Lenovo](https://support.lenovo.com/fr/en/product_security/len-57316)
- [Linksys](https://www.linksys.com/gb/support-article?articleNum=246427#ff)
- [Linux Wireless](https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/)

## M

- Microsoft: [CVE-2020-24587](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24587), [CVE-2020-24588](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24588), [CVE-2020-26144](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-26144)
- [Mist](https://www.mist.com/documentation/mist-security-advisory-fragattacks-and-faq)
- MikroTik: patches are available for [all releases](https://blog.mikrotik.com/security/fragattacks.html).

## N

- [Netgear](https://kb.netgear.com/000063666/Security-Advisory-for-Fragment-and-Forge-vulnerabilities-on-some-WiFi-capable-devices-PSV-2021-0014-PSV-2021-0080): their claim that the adversary needs to know the Wi-Fi password is **[incorrect](https://www.mathyvanhoef.com/2021/05/fragattacks-clarifying-some-aspects.html#nopassword)**.

## O

- OpenWRT: [patches](https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=025bd93f36c9923127674ce127e22933592cba6c) have been commited but unclear which builds have these patches so far. [This discussion](https://forum.openwrt.org/t/new-wi-fi-vulnerability-probably-affecting-openwrt/96356/26) talks about which versions/buids have patches.

## R

- Ruckus/COMMSCOPE: [Overview](https://support.ruckuswireless.com/fragattacks-ruckus-technical-support-response-center), [Link 2](https://www.commscope.com/fragattacks-commscope-ruckus-resource-center/wifi-fragattacks-what-you-need-to-know/), [Link 3](https://www.commscope.com/globalassets/digizuite/916169-faq-security-advisory-id-20210511-v1-0.pdf). Their claim that [EAP-TLS](https://www.fragattacks.com/#eaptls) or [802.11w](https://www.fragattacks.com/#mfp) makes attacks harder is **[incorrect](https://www.mathyvanhoef.com/2021/05/fragattacks-clarifying-some-aspects.html)**.

## S

- [Samsung](https://security.samsungmobile.com/securityUpdate.smsb): Look for SMR-APR-21 & SVE-2021-20775
- [SierraWireless](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-003/)
- [Suse](https://www.suse.com/support/kb/doc/?id=000020244)
- [Synology](https://www.synology.com/en-global/security/advisory/Synology_SA_21_20)
- [Sophos](https://community.sophos.com/b/security-blog/posts/multiple-vulnerabilities-aka-fragattacks-in-wifi-specification)

## T

- [Telekom.com](https://www.telekom.com/en/company/details/fragattack-gap-in-wifi-standard-627006)
- [Texas Instruments](https://e2e.ti.com/support/wireless-connectivity/wi-fi-group/wifi/f/wi-fi-forum/1000522/faq-wi-fi-fragattacks---fragmentation-and-aggregation-attacks): they also provide an [application report](https://www.ti.com/lit/an/swra710a/swra710a.pdf?ts=1624389571376&ref_url=https%253A%252F%252Fwww.google.com%252F)

## Z

- [Zyxel](https://community.zyxel.com/en/discussion/10655/zyxel-security-advisory-for-fragattacks-against-wifi-products)

## Other Overviews

- [ICASI](https://www.icasi.org/aggregation-fragmentation-attacks-against-wifi/)
- [Wi-Fi Alliance](https://www.wi-fi.org/security-update-fragmentation)
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00			`# Security Advisories / Bulletins linked to FragAttacks`

			`Pull requests with additional links are welcome! Or create an issue on GitHub to request a link to be added.`

			`## A`

			`- [Arista](https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63)`
			`- [Arris](https://arris.secure.force.com/consumers/articles/General_FAQs/FragAttack-Vulnerability)`
			`- [Aruba](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-011.txt)`
			`- [Avm.de](https://en.avm.de/service/current-security-notifications/): Look for "FragAttacks" Wi-Fi vulnerability`
Advisories: patches for asuswrt-Merlin 2021-06-07 03:52:57 -04:00			- [Asuswrt-Merlin](https://www.asuswrt-merlin.net/changelog): FragAttacks got patched in [`386.2_6 (6-June-2021)`](https://twitter.com/RMerlinDev/status/1401598180811227137).
Advisories: add Arlo 2021-07-13 22:37:24 -04:00			`- [Arlo](https://kb.arlo.com/000062602/Security-Advisory-for-Aggregation-and-Fragmentation-Attacks-Against-Wi-Fi)`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
			`## C`

Added link to Check Point's advisory Added Check Point SK: https://supportcontent.checkpoint.com/solutions?id=sk173718 2021-08-05 05:37:03 -04:00			`- [Check Point](https://supportcontent.checkpoint.com/solutions?id=sk173718)`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00			`- [Cisco](https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-wifi-faf-22epcEWu.html)`
Advisories: further highlight mistakes in some advisories 2021-06-20 08:03:06 -04:00			- COMMSCOPE/Ruckus: [Overview](https://support.ruckuswireless.com/fragattacks-ruckus-technical-support-response-center), [Link 2](https://www.commscope.com/fragattacks-commscope-ruckus-resource-center/wifi-fragattacks-what-you-need-to-know/), [Link 3](https://www.commscope.com/globalassets/digizuite/916169-faq-security-advisory-id-20210511-v1-0.pdf). Their claim that [EAP-TLS](https://www.fragattacks.com/#eaptls) or [802.11w](https://www.fragattacks.com/#mfp) makes attacks harder is [incorrect](https://www.mathyvanhoef.com/2021/05/fragattacks-clarifying-some-aspects.html).
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00			`- [Cypress](https://community.cypress.com/t5/Security-Bulletin/Potential-Fragmentation-Vulnerabilities-for-Wi-Fi-Devices/ba-p/276441)`
Advisories: add Cambium Networks 2021-05-17 11:12:13 -04:00			`- [Cambium Networks](https://www.cambiumnetworks.com/wp-content/uploads/2021/05/2021-1-FragAttacks-05142021.pdf)`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
fragattacks: add Huawei and Dell to advisories 2021-05-14 19:46:23 -04:00			`## D`

			`- [Dell](https://www.dell.com/support/kbdoc/en-th/000186331/dsa-2021-100-dell-client-platform-security-update-for-intel-wifi-software-vulnerabilitiesdsa-2021-100-dell-client-platform-security-update-for-intel-wifi-software-vulnerabilities)`
Advisories: add DD-WRT info 2021-06-07 04:49:20 -04:00			- [DD-WRT](): Patches are included in revision r46690. Builds are available depending on the hardware: [Marvell MVEBU](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329127), [Atheros WiSOC](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329125), [Broadcom SoC](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329092&postdays=0&postorder=asc&start=0), [x86 based](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329129), [Ralink SoC](https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329128&sid=80c14f34bd3a9f1e48e1ea3002c4d5f1).
fragattacks: add Huawei and Dell to advisories 2021-05-14 19:46:23 -04:00
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00			`## E`

			`- [Eero](https://blog.eero.com/fragattacks-fragmentation-aggregation-and-attacks-update-available-for-all-eero-customers/)`
fragattacks: add Extreme Networks advisory link Fixes #6 2021-05-16 10:12:48 -04:00			`- [Extreme Networks](https://extremeportal.force.com/ExtrArticleDetail?an=000095779)`
Advisories: add Espressif 2021-05-22 04:33:38 -04:00			`- [Espressif](https://github.com/espressif/esp-idf/issues/7019)`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
Add Fortinet advisory 2021-09-19 18:43:59 -04:00			`## F`

			`- [Fortinet](https://www.fortiguard.com/psirt/FG-IR-21-071)`

fragattacks: add Huawei and Dell to advisories 2021-05-14 19:46:23 -04:00			`## H`

			`- [Huawei](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20210513-01-fragattacks-en)`

fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00			`## I`

			`- [Intel](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html)`

			`## J`

			`- [Juniper](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST)`

Advisories: add Keenetic 2021-05-27 15:59:11 -04:00			`## K`

			`- [Keenetic](https://help.keenetic.com/hc/en-us/articles/360021967180-Release-KeeneticOS-3-6-6)`

fragattacks: fix typo in advories 2021-05-12 15:36:03 -04:00			`## L`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
			`- [Lancom](https://www.lancom-systems.com/service-support/instant-help/general-security-information/): look for WLAN vulnerability "Fragattacks" - They provide patches .`
			`- [Lenovo](https://support.lenovo.com/fr/en/product_security/len-57316)`
			`- [Linksys](https://www.linksys.com/gb/support-article?articleNum=246427#ff)`
			`- [Linux Wireless](https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/)`

			`## M`

Advisories: fix Microsoft link 2021-05-22 05:46:01 -04:00			`- Microsoft: [CVE-2020-24587](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24587), [CVE-2020-24588](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24588), [CVE-2020-26144](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-26144)`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00			`- [Mist](https://www.mist.com/documentation/mist-security-advisory-fragattacks-and-faq)`
Advisories: update MikroTik 2021-06-04 04:50:57 -04:00			`- MikroTik: patches are available for [all releases](https://blog.mikrotik.com/security/fragattacks.html).`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
			`## N`

Advisories: clarify mistake in NETGEAR advisory 2021-06-20 08:01:48 -04:00			`- [Netgear](https://kb.netgear.com/000063666/Security-Advisory-for-Fragment-and-Forge-vulnerabilities-on-some-WiFi-capable-devices-PSV-2021-0014-PSV-2021-0080): their claim that the adversary needs to know the Wi-Fi password is [incorrect](https://www.mathyvanhoef.com/2021/05/fragattacks-clarifying-some-aspects.html#nopassword).`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
Advisories: add OpenWRT 2021-06-07 04:55:29 -04:00			`## O`

			`- OpenWRT: [patches](https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=025bd93f36c9923127674ce127e22933592cba6c) have been commited but unclear which builds have these patches so far. [This discussion](https://forum.openwrt.org/t/new-wi-fi-vulnerability-probably-affecting-openwrt/96356/26) talks about which versions/buids have patches.`

fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00			`## R`

Advisories: further highlight mistakes in some advisories 2021-06-20 08:03:06 -04:00			- Ruckus/COMMSCOPE: [Overview](https://support.ruckuswireless.com/fragattacks-ruckus-technical-support-response-center), [Link 2](https://www.commscope.com/fragattacks-commscope-ruckus-resource-center/wifi-fragattacks-what-you-need-to-know/), [Link 3](https://www.commscope.com/globalassets/digizuite/916169-faq-security-advisory-id-20210511-v1-0.pdf). Their claim that [EAP-TLS](https://www.fragattacks.com/#eaptls) or [802.11w](https://www.fragattacks.com/#mfp) makes attacks harder is [incorrect](https://www.mathyvanhoef.com/2021/05/fragattacks-clarifying-some-aspects.html).
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
			`## S`

			`- [Samsung](https://security.samsungmobile.com/securityUpdate.smsb): Look for SMR-APR-21 & SVE-2021-20775`
			`- [SierraWireless](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-003/)`
			`- [Suse](https://www.suse.com/support/kb/doc/?id=000020244)`
			`- [Synology](https://www.synology.com/en-global/security/advisory/Synology_SA_21_20)`
			`- [Sophos](https://community.sophos.com/b/security-blog/posts/multiple-vulnerabilities-aka-fragattacks-in-wifi-specification)`

			`## T`

			`- [Telekom.com](https://www.telekom.com/en/company/details/fragattack-gap-in-wifi-standard-627006)`
Advisories: add texas instruments 2021-06-22 15:22:19 -04:00			`- [Texas Instruments](https://e2e.ti.com/support/wireless-connectivity/wi-fi-group/wifi/f/wi-fi-forum/1000522/faq-wi-fi-fragattacks---fragmentation-and-aggregation-attacks): they also provide an [application report](https://www.ti.com/lit/an/swra710a/swra710a.pdf?ts=1624389571376&ref_url=https%253A%252F%252Fwww.google.com%252F)`
fragattacks: add ADVISORIES.md overview 2021-05-12 15:27:40 -04:00
			`## Z`

			`- [Zyxel](https://community.zyxel.com/en/discussion/10655/zyxel-security-advisory-for-fragattacks-against-wifi-products)`

			`## Other Overviews`

			`- [ICASI](https://www.icasi.org/aggregation-fragmentation-attacks-against-wifi/)`
			`- [Wi-Fi Alliance](https://www.wi-fi.org/security-update-fragmentation)`